Release Notes FREESCO 0.3.4

Changes to 034 

The telnet server and client have been removed and replaced with dropbear,
which is a SSH server and client. This SSH server is also capable of 
both client and server TCP port forwarding. This allows for floppy users
to open this server to Internet access and still have security with
encryption, along with SSH tunnels to the local network.

Two new options, one to disable root logins with the FTP server and the 
other to disable root logins with SSH.

The local ban can now also be a local allow. This allows a user to ban
there entire local subnet and then allow just the IP addresses that they
want to give access to the Internet. This still allows all local users
access to FREESCO and any servers running. The banlist.cfg has been replaced 
with restrict.cfg to clarify the ban/allow changes and in the file format
along with some minor changes to the control panel. ALL of the ban/allow 
commands can be time based rules with the addition of a start and stop time. 
This time format is based on hours and minutes of the day where the range is 
from 000 to 2359 and also includes an optional day format, so that rules can 
be day of the week oriented as well.

A new DHCP server mode. You can now set the DHCP server in "s" server mode.
Previously in 033 this was done automatically if there was only one network
card installed. Now this mode can be used on multiple interfaces. What this
mode does is if FREESCO is NOT your ISP connection, then it can still act as
a local DHCP server. Added some new checks in the rc_dhcpd to prevent the
server from running on the external interface when it shouldn't.

A new shutdown sound if diagnostic beeps are enabled in the advanced setup.
This enables a user without a monitor to know when the machine is completely
shut down.

A new read only disk option. This option can move a hard drive install
to a ram drive the same as previously available with floppy installs.
The only restriction is that the hard drive install including packages
is small enough to fit into the ram drive excluding the kernel and
ram disk size. This means that the system will run entirely in ram with
absolutely no disk activity and it will be impervious to power failures
or improper shut downs which cause disk corruption as well as absolutely
no disk activity when FREESCO is running.

A new SMTP client that can email logs to a specific recipient rather than
deleting them when the size limit is reached, as well as the ability to
email the external IP address at each connection time or any time it changes
and the ability to email a report.txt. This makes managing a remote system
possible as well as easily monitoring it's status.

A new feature to save logs to root's home directory when FREESCO is
installed on a hard drive, along with being able to remove logs older than
the number of days that you specify with a special command that can be 
included into a crond job.

A new option in the setup to add additional ports to stealth. With this
feature it is possible to completely stealth your router as long as all other
security settings are also set in secure mode. Additional firewall rules to 
stealth server service ports when set in secure mode.

All default configuration files are now hard coded into the ram disk. This
means that if a configuration file becomes corrupt or if anyone makes
changes that cause the file not to function. All that is required is to
delete the file from the /boot/etc directory and reboot the router. The
original will be in the /etc/ directory unmodified. This applies to all
original files in the /etc directory.

Two new ram disk sizes, 8MB and 16MB ram disks can now be installed.
Previously only 2MB and 4MB ram disks would install. The 2MB ram disk has
been removed with these two new additions along with only installing one
ram disk rather than two. Previously ram disk #1 was almost never used by
the system other than for /tmp directory space. This change has also raised
the minimum memory requirement to 20MB before a ram disk will install. Also
a new option to restrict the maximum ram disk size to just one 4MB ram disk
regardless of the system memory detected is available.

Changed the rc_dhcpd to remove dynamic DHCP leases any time a static DHCP
lease is added with the same MAC address.

More floppy formats are now supported 1440,1680,1722,1743,1760,1840,1920,
2880

More hard disk partitions are now supported by default hda,hdb,hdc,hdd,sda,
sdb,sdc,sdd with partitions from 1 through 7

034 will now mount from any device and file system that is supported by the
kernel. A DOS file system is still required for the mv2hd command. But other
formats can be used with a custom installation, such as ext2 which can be
used with the add on ext2-0.3.4-lewis package which will install on ANY
running (Internet connected) 0.3.4 floppy.

Changed the /etc/rc file so that non standard floppy formats will respond
the same as a standard 1.44 floppy. Also floppy drives that are not on the
first device "fd0". This means that when booted from fd1 or fd0u1680 
FREESCO will still respond correctly.

Changed the rc_eth file to ignore incorrect gateway settings when entered 
statically or through DHCP from a mis configured ISP DHCP server.

Enabled the DHCP client logging in the setup and system.cfg file which had 
not been enabled in previous versions of the 03x series. Repaired the colors 
in the setup which has been a bug since FREESCO was first released (All 
previous versions), so that yellow is really yellow. Added emailing a 
report.txt directly from setup.

Changed back to the 2.0.39 kernel to resolve the PPP problems in 033. This 
also means that all packages for the 03x series will run as well as the 
modules-03x.zip can be used for network drivers and all of the 032 kernels. 
If anyone is currently using a DX based processor there is a kernel.dx 
included in the zip file that can be copied to the floppy and the only 
difference will be that you will have a 20K increase in free disk space. 
Both new 034 kernels are also PCI optimized so 034 should perform better on 
PCI based systems.

Changed the password file for the root user to now have a home directory of 
/home/root, rather than just using / as the home directory. This change 
was required for the SSH client to retain any public key files as well as 
improvement for other applications that use root's home directory for 
specific user settings. This is also the storage location of log files if 
that option is enabled.

Upgraded dnsmasq to version 1.17 which fixes a significant number of bugs 
from 1.14, along with increasing the default cache size to 600

Upgraded dhcpd to version 2.0pl6 from b1.18 which fixes a number of old
issues along with a security patch. 

Upgraded the dhcpcd client daemon to version 1.3.22pl4. Thanks to Dingetje 
for help with compiling it.

Upgraded pure-ftpd from version 1.0.12 to 1.0.20

Upgraded thttpd from 2.05 to 2.25b.

Added user home web directories which can be enabled and accessed at 
http://your.router/~UserName. Removed /home directories for RAS 
(dial in) clients.

Added bandwidth control for the web server. Which means if you want you can 
restrict the web server so that it can never use more than the amount of 
bandwidth that you choose in Bytes per second.
 
Added options to the firewall setup so that all of the helper modules can be 
selected independently of each other. In all previous versions of FREESCO 
all of the modules were loaded automatically. But as each module decreases 
security it is now an option to only load the ones you really need.

Added a firewall rule to prevent external "smurf" attacks as well as external
IP spoofing.

Recompiled the pptp binary with better optimization flags to improve it's 
size.

One minor text color fix to the a: command as well as being able to mount 
any fd1 or special floppy formats with the addition of the device name after 
the a: command. Such as in "a: fd1" or "a: fd0u1680"

Changed the cp-rf command so that it can now copy files and directories with 
spaces in the names.

Changed the rc_dns so that special static DHCP leases will be incorporated 
into the /etc/hosts file correctly for DNS resolution. There has also been a 
change so that the DNS server will always resolve the same IP for it's own 
name. This resolves the problem of separate subnets that are not trusted to 
always get the correct IP address for the router as well as any dyndns 
clients that may be installed.

Up to four different ISP DNS servers can be defined either statically or
dynamically from the DHCP client or through the PPP client. These can either 
be used by the local caching DNS server or parsed to the clients with the 
DHCP server if the caching DNS server is disabled.

Increased the ram0 to 3Mb formated rather than 3Mb unformatted. This 
increase still allows FREESCO to run on 8MB of ram.

The dynamic DNS client now supports DynDNS, ZoneEdit, and DHS service 
providers.

Moved the /boot/rc directory into the ram disk. This provides a much faster 
boot for the floppy as well as providing a HUGE gain in disk space which was 
required for the above improvements and changes. This change will affect all 
lprng and Apache users, however it can be worked around, Dingetje has stated 
he would repackage them both for compatibility with this version and anyone 
using an older version of these packages can simply copy the /rc/rc_lpd and 
/rc/rc_httpd to the /pkg/rc directory after the package is installed or 
before an upgrade to this version is attempted. ANY built in /rc/rc_? file 
that a user wants to modify, excluding the rc_user file which is still 
available for editing can be copied to the /pkg/rc/ directory and then 
modified. All files in /pkg/rc/ will over ride any default rc_? file in the 
/rc/ directory.

Moved the control panel /boot/wwa directory into the ram disk. This change 
is primarily for a 20K gain in  disk space, but it also increases control 
panel access times and helps prevent unnecessary disk activity. Also some
new functions in the control panel to email a report, netinfo, or the 
current logs.

Changed the initial boot up parameters so that a mv2hd can be done before any 
type of configuration has been made and the system will still recognize that 
it has never been setup and go into the setup mode on the hard drive. This 
change is/was not required for this version, but for those with less than 
dependable floppy drives it may be needed. It may may also be useful in 
future versions where space constraints are possibly to high in some 
configurations.
 
Currently 50K free on the floppy.

 
freesco/manuals/03x/relnotes034.txt (36761 views) · Last modified: 2006/03/16 01:12 (external edit)
 
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki